package org.zb.admin.controller;

import java.util.Date;

import javax.validation.Valid;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.validation.BindingResult;
import org.springframework.validation.FieldError;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.zb.admin.form.LoginForm;
import org.zb.security.auth.BCryptPasswordEncoder;
import org.zb.shiro.model.User;
import org.zb.shiro.service.UserService;

@Controller
public class LoginController {
			
    @Autowired
    private UserService userService;

    @GetMapping("/login")
    public String login(LoginForm loginForm) {
    	Subject subject = SecurityUtils.getSubject();
        if(subject.isAuthenticated()){
            return "redirect:/";
        }
    	return "login";
    }
    
    @PostMapping("/login")
    public String login(@Valid LoginForm loginForm,BindingResult error) {
    	
    	if (error.hasErrors()) {
    		return "login";
    	}
    	
        UsernamePasswordToken token = new UsernamePasswordToken(loginForm.getUsername(), loginForm.getPassword());
        
        Subject subject = SecurityUtils.getSubject();
        
        try {
            subject.login(token);
            Long userId = (Long) subject.getPrincipal();
            User user = new User();
            user.setId(userId);
            user.setLastLoginTime(new Date());
            userService.updateUser(user);
        } catch (IncorrectCredentialsException ice) {
            error.addError(new FieldError(error.getObjectName(),"password", "密码错误!"));
            return "login";
        } catch (UnknownAccountException uae) {
            error.addError(new FieldError(error.getObjectName(),"username", "用户名错误或不存在!"));
            return "login";
        } catch (ExcessiveAttemptsException eae) {
            error.addError(new FieldError(error.getObjectName(),"username", "超时!"));
            return "login";
        } catch (LockedAccountException lax) {
            error.addError(new FieldError(error.getObjectName(),"username", "账号被锁住!"));
            return "login";
        }
        return "redirect:/";
    }

    
    @GetMapping("/mock/create/{name}") 
    @ResponseBody
    public User create(@PathVariable(name="name") String name) {
		User user  = new User();
		user.setUsername(name);
		user.setEmail(name + "@zb.org");
		user.setStatus(0);
		user.setCreateTime(new Date());
		user.setPassword(new BCryptPasswordEncoder().encode("123456"));
		userService.saveUser(user);
		return user;
    }
    
}
